
Why Cybersecurity Risks in K-12 Schools Are Rising

It’s clear that schools need stronger cybersecurity at this time. This should include countermeasures like effective access controls for the network, especially for the “privileged” administrative back end of school databases.

K-12 schools face cyberattacks? How can that be? It seems so inappropriate, so illegal. It is both of those things, but unfortunately, such attacks are increasingly common. For instance, according to the 2018 State of K-12 Cybersecurity: Year in Review, a report from the K-12 Cybersecurity Resource Center, 119 schools experienced 122 cyberattacks that year. These attacks vary in type but are mainly associated with the following:

Phishing (Most common)
Data breaches

We’ll get into how each of these malicious attacks works later in the article.

To understand the scale of the problem, consider that the Los Angeles Times reported as many as 500,000 students and staff at the San Diego Unified School District may have had their personal data stolen in 2018. The breach included Social Security numbers, dates of birth, phone numbers, and private health information.

Why K-12 Cyber Security Needs to Be Prioritized

The only “consolation” here is that breaches of this magnitude are happening all over the place, in virtually every corporate and government setting. Hackers tend to look for weakly guarded systems. School districts have those, due to limited resources for IT and cybersecurity. And, to be sure, who would have even thought of this as an issue even a few years ago?

It is a serious problem now, however. Thousands of students, their families, faculty, and staff are having their privacy invaded. They are at risk of fraud, identity theft, and online harassment. College admissions and other sensitive educational processes such as special ed grants are at risk if private data is exposed online. Data breaches affect the districts’ reputations and diminish community trust in the institutions.

How and Why School Data Is Getting Breached

Many school breaches are the result of phishing attacks. In this hacking technique, a school district employee receives an email containing a malware link. Clicking on the link allows his or her machine or mobile device (i.e. a network “endpoint”) to become infected. This gives the hacker an opening to pierce the school district’s network and steal data. For context, Verizon reported in 2018 that users in the U.S. open 30% of all phishing emails, with 12% of those targeted clicking on infected links or attachments.

Hackers also deploy ransomware and lock up the school’s data until the district pays the hacker’s price. Another technique involves social engineering, where a hacker impersonates a district employee or vendor in order to steal network login credentials. Hackers take advantage of the relative openness of school district networks, student laptops, and mobile apps, which are set up for community inclusion and student access to educational resources – creating vulnerability to breach in the process.

As CSO Magazine reported, citing the Verizon breach study, “The number of security incidents involving mobile devices has increased over the past year, but companies are not protecting their mobile assets as well as they do other systems. One in three organizations admitted to suffering a compromise due to a mobile device.”

On the defense side, school districts usually have not prioritized strong security. They may not have the personnel or skill sets to defend digital assets. However, cleaning up data breaches is financially costly for schools. The district may also face state and federal penalties for failing to follow security precautions.

Cybersecurity in Schools: Best Practices

It’s clear that schools need stronger cybersecurity at this time. Money and personnel are big factors here, as one might expect. Security can be expensive, though in some cases, simple fixes like endpoint antivirus are relatively cheap for the defense they provide. The cybersecurity industry now fields many proven endpoint security, prevention and detection solutions. Managed Security Service Providers (MSSPs), including those run by state cybersecurity agencies, offer affordable, high-level protections for districts.

Providing security for a school district is not a static process. It is (or should be) ever-changing and dynamic. Here are some of the biggest preventative measures within your control for improving cybersecurity in schools:

Antivirus Software: It’s essential that school networks invest in strong antivirus software to address viruses and malware that have infected their system.

DNS Quality: The Domain Name System (DNS) is essentially what links domain names with their corresponding IP addresses. A constantly updated DNS helps close the gaps on exploits that can lead to the extraction of valuable data such as usernames, passwords, and general personal information.

Backup Data: Data loss is a common consequence of malware, breaches, and ransomware. By backing your data up you can often revert to a safe point before the damage happened.

Whitelisting: Operate systems with a list of approved apps and programs, which limits outside applications from running.

Staff awareness: It’s a good idea to train administrators, teachers, and students about cybersecurity through professional security companies/IT employees. For example, if people are savvier about phishing, they will be less likely to click on malware links.

How Prey Can Help

Prey offers a solution for helping schools and universities implement improved cybersecurity. It provides unified management of device security, enabling groupings of devices by class, usage, or state with custom tags. Security managers can thus view devices’ statuses and hardware changes. They can assign them to faculty or students through a single, multi-operating system platform.

In terms of reactive security, Prey lets administrators know when devices move out of bounds of Control Zones. They see historic movements and react automatically with anti-theft alarms, alerts and locks. Throughout, the solution conducts forensic evidence gathering. Prey is focused on data privacy. Data wipe and retrieval reactions add a layer of protection that’s compliant with the Family Educational Rights and Privacy Act of 1974 (FERPA).

About the author

Hugh Taylor

Hugh Taylor is a Certified Information Security Manager (CISM) who has written about cybersecurity, compliance, and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google, and Advanced Micro Devices. He has served in executive roles at Microsoft, IBM, and several venture-backed technology startups. Hugh is the author of multiple books about business, security, and technology.